cannot manage home directories

[vella1tj]

user {'username':
uid => 501,
gid => 'staff',
comment => 'comment',
ensure => present,
home => '/Users/sysop',
shell => '/bin/bash',
managehome => true,
password => 'hash',
}

I run the command puppet init.pp to apply it (mac osx 10.6) and I get
"Parameter managehome failed: User provider directoryservice can not
manage home directories at /private/ectic/puppet/init.pp:11

I looked at line 11 which is actually where the "}" is so I feel that
can' be wrong. I believe maybe they're could be something on my test
mac that is blocking puppet from creating the home directory.... Any
help would be appreciated and thanks in advance for any response!

Two of my co-workers attempted to help me, they changed a few settings
to this:

user {'username':
uid => 501,
gid => 'staff',
#comment => 'comment',
ensure => present,
# managehome => true,
home => '/Users/username',
shell => '/bin/bash',
provider => dscl,
password => 'hash',
}

I would then get the error
"could not find a default route. Using first non-loopback interface
Time out seeking value for ipaddress" This is repeated multiple
times.
"warning: Could not retrieve fact ipadresss.
Not believing that it was due to not pulling a ipaddress (besides
172)
it was but it is still not creating the home folder even when
managehome is not commented out.

[Nigel Kersten]

On Fri, Jun 10, 2011 at 7:51 AM, vella1tj <vell...@gmail.com> wrote:

user {'username':
           uid                      => 501,
           gid                      => 'staff',
           comment             => 'comment',
           ensure                 => present,
           home                   => '/Users/sysop',
           shell                    => '/bin/bash',
           managehome        => true,
           password              => 'hash',
}

I run the command puppet init.pp to apply it (mac osx 10.6) and I get
"Parameter managehome failed:  User provider directoryservice can not
manage home directories at /private/ectic/puppet/init.pp:11

The directoryservice provider doesn't manage home directories, but it would be reasonably easy to patch it to do so. Can you file a feature request for us please?

 

I looked at line 11 which is actually where the "}" is so I feel that
can' be wrong. I believe maybe they're could be something on my test
mac that is blocking puppet from creating the home directory.... Any
help would be appreciated and thanks in advance for any response!

The error is clearly unhelpful. :(

Take out the managehome directory part and I'd put in an exec like:

exec { "/usr/sbin/createhomedir -c -l -u <username>":

  subscribe => User[<username>],

  refreshonly => true,

}

This is how the underlying directoryservice provider should do the home directory creation rather than making, as it will make it from the user template.

The problem with this is that it will only create it when the user record is created. An alternative might be:

exec { "/usr/sbin/createhomedir -c -l -u demo":

  unless => "/bin/test -d /Users/demo/Library",

}

so it will create it if the /Library folder is missing.

There are a lot of caveats here about the interaction of FileVault while the user is logged out. Hopefully you don't have to care about that. :)

Two of my co-workers attempted to help me, they changed a few settings
to this:

user {'username':
           uid                      => 501,
           gid                      => 'staff',
           #comment             => 'comment',
           ensure                 => present,
          # managehome        => true,
            home                   => '/Users/username',
           shell                    => '/bin/bash',
           provider               => dscl,
           password              => 'hash',
}

I would then get the error
"could not find a default route. Using first non-loopback interface
Time out seeking value for ipaddress"   This is repeated multiple
times.
"warning: Could not retrieve fact ipadresss.
Not believing that it was due to not pulling a ipaddress (besides
172)
it was but it is still not creating the home folder even when
managehome is not commented out.

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

--
Nigel Kersten
Product, Puppet Labs
@nigelkersten

[vella1tj]

Thanks going to try that right now sorry that the error wasn't more
helpful.

On Jun 10, 11:09 am, Nigel Kersten <ni...@puppetlabs.com> wrote:

[Nigel Kersten]

On Fri, Jun 10, 2011 at 8:34 AM, vella1tj <vell...@gmail.com> wrote:

Thanks going to try that right now sorry that the error wasn't more
helpful.

You're completely misunderstanding me :) The error not being helpful is Puppet's fault, not yours at all :)

[vella1tj]

Unfortunately it is still not creating the Home folder but it is at
least creating the User and assigning it the proper values!!:D

I'm going to try doing a mdir to create the home folder. Let me know
what you think about that, here is what I have right now.



user {'user':

uid => 501,
gid => 'staff',

#comment => "some random comment",
ensure => present,
home => '/Users/user',
shell => '/bin/bash',
# provider => user_role_add,
password => 'Hash,
}

exec {"/usr/sbin/createhomedir -c -l -u user":
subscribe => User[user],
refreshonly => true,
}

The weird thing is even manually using the createdir command is not
working. I thought maybe their was something wrong with the OS
installation because its on a macbook air so I tried it on my actual
Imac work computer. I deleted the local admin account then ran the
command it created the user but not the home folder still. I forget to
set myself as admin so I had to have my manager su user then create
the folder and he was able to. So it's def the script that I wrote
that is not working. Thanks for your time again Nigel I do appreciate
it.

If there is any information that I ommited that is needed just tell me
and I'll do my best to give you whatever you need.

On Jun 10, 1:11 pm, Nigel Kersten <ni...@puppetlabs.com> wrote:

[vella1tj]

the exec has been changed to this.


exec {"cp -R English.lproj/* /Users/sysop":
path =>"/System/Library/User Template/",
#require =>User[sysop],
#subscribe =>User[sysop],
#refreshonly => true,
}

Have also tried using

exec {"cp -R English.lproj/* /Users/sysop":
path =>"/System/Library/User\ Template/",
#require =>User[sysop],
#subscribe =>User[sysop],
#refreshonly => true,
}

Because the createdir was failing my manager came up with the idea of
copying the user template from "/System/Library/User Template/
English.lproj" and rename to username in the /Users folder.

after I receive the error:
//User[sysop]/ensure: created
err: //Exec[cp -R English.lproj/* /Users/sysop]/returns: change from
notrun to 0 failed:

[Nigel Kersten]

Sometimes createhomedir is just buggy. :(

If you do "man DirectoryService" you'll see the instructions for sending USR1 signals to the DS process for debugging and there might be something that leaps out when you interactively run createhomedir for the user.

[vella1tj]

so the copying way of the user template is prolly not the best way?


On Jun 13, 3:24 pm, Nigel Kersten <ni...@puppetlabs.com> wrote:

[Nigel Kersten]

On Mon, Jun 13, 2011 at 12:48 PM, vella1tj <vell...@gmail.com> wrote:

so the copying way of the user template is prolly not the best way?

That's basically one of the underlying things createhomedir does, but you're not going to actually be setting up directories with the correct permissions/ACLs, which could be a problem.

Especially in later versions of OS X, createhomedir problems have often been a symptom of another directory service related issue in my experience, so I'd definitely do some debugging first.

 

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

[vella1tj]

Well I haven't got on top of debugging the createhomdir but I just
wanted to let you know how we got the command to work. this is the
exec as follows

exec {'username':
command =>"cp -R /System/Library/templateuser/English.lproj/ /
Users/username/",
path =>"/bin/",
#everything else that we where using has been commented out.
}

The path command was key and one of my managers was just screwing with
it and got it to work. The manifests are different a little bit
because i went in and changed the "User Template" to "templateuser"
because i thought puppet was having a hard time on the files with
spaces. Just thought you would want to know. Again thank you so much
you are awesome Nigel, if there is anything I could do for you just
let me know:)

On Jun 13, 3:53 pm, Nigel Kersten <ni...@puppetlabs.com> wrote:

[Nigel Kersten]

On Mon, Jun 13, 2011 at 1:30 PM, vella1tj <vell...@gmail.com> wrote:

Well I haven't got on top of debugging the createhomdir but I just
wanted to let you know how we got the command to work. this is the
exec as follows

exec {'username':
 command        =>"cp -R /System/Library/templateuser/English.lproj/ /
Users/username/",
 path                =>"/bin/",
 #everything else that we where using has been commented out.
}

The path command was key and one of my managers was just screwing with
it and got it to work. The manifests are different a little bit
because i went in and changed the "User Template" to "templateuser"
because i thought puppet was having a hard time on the files with
spaces. Just thought you would want to know. Again thank you so much
you are awesome Nigel, if there is anything I could do for you just
let me know:)

Thank you for the kind words, but making more Mac Puppet users is enough :)

I'd be a bit careful of the above command though. You may not end up with the permissions your users expect, particularly on the "Public" and "Public/DropBox" folders.

[vella1tj]

We just need the account to have root access and be created
successfully, I looked at the permissions of the assorted folders
everything to the best of my knowledge had root access. I'll
definitely look into it though thanks for the heads up.

On Jun 13, 5:20 pm, Nigel Kersten <ni...@puppetlabs.com> wrote: